Research Paper
AppendixA Sample Business Continuity Plan for ABC Co.
The following plan represents a good overview for BC operations. It is based on numerous sources and includes the minimum information needed to function in a BC relocation operation. This plan is not complete, as there is limited space in this text for a complete BC plan. In many cases, annotations inside braces—for example, {Additional Details}—have been used to indicate that planners would include additional information for the use of its BC team members.
Overview
To ensure that ABC Co. continues to function in its competitive arena, minimum func- tional requirements have been established to sustain critical operations if the primary facilities are damaged or destroyed. Should the extent of such damage preclude con- tinued operations within the facility itself, some or all of the organization’s functions will be relocated to an alternate site as planned.
Objectives
The objectives of this plan are twofold:
1. To ensure that critical business functions are maintained while the organization reestablishes operations at the primary facility or at a new permanent alternate facility
2. To minimize the impact of interruptions on the services provided to our customers
Note that the plan presented here cannot possibly account for every possible event, thus the management team must use its discretion in reacting to each unique scenario.
Business Continuity Plan for ABC Co.
529
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
{Additional examples should be provided. Note the rankings here are examples, your esti- mates will be dependent on your situation}
Category 1: Building Loss or Unavailability Ranking Building loss due to fire: 7
Loss of main HQ building Worst case: Catastrophic loss
Implement BC Option A Best case: Loss of 1 or fewer offices
Implement BC Option C Most likely: Loss of 40–50% of offices
Implement BC Option B Loss of production facility Loss of data center
Building loss due to tornado: 5 Building loss due to flooding: 3 Building loss due to other circumstances: 1
{Note: For each category and subcategory, this document would contain a brief overview, taken from the BIA, of the threats and potential attack scenarios along with the correspond- ing BC plan options to be implemented if this particular version occurs.}
Category 2: Data Loss or Unavailability Data loss due to natural disaster (fire, flood, tornado, and so on): 3 Data loss due to external attacker—hacker: 5 Data loss due to external attacker—malware: 7 Data unavailability due to massive DoS attack: 4 Data loss due to other circumstances: 2
Category 3: Personnel Loss or Unavailability Personnel loss due to natural disaster: 4 Personnel loss due to mass illness: 2 Personnel loss due to other circumstances: 2
Disastrous Events The following events have been evaluated and determined to be realistic threats to the continued operations of ABC Co. They are listed here along with probabilities of occurrence and are ranked on a scale of 1 to 10, with 1 being highly unlikely and 10 being highly probable. This information was extracted from the business impact analysis for ABC Co. For additional details, see that document.
530 Appendix A Sample Business Continuity Plan for ABC Co.
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Category 4: Services Loss or Unavailability Power loss: 7 Internet loss: 7 Telephony loss: 6 Other service loss (water, gas, sewage, and so on): 3
Category 5: Other Potential Loss or Unavailability Rioting: 2 Terrorist attack: 4 Hostage situation: 5 Animal or insect infestation: 1 Other potential loss or unavailability: 2
Data Protection Strategies The director of IT will continue standard data backup strategies from the on-site RAID array. Specifically, Monday through Thursday are on-site differential backups. Friday’s full backups are stored off-site at a fire-proof and theft-proof location to be determined by the director. The organization will also engage in remote journaling for critical transactions.
{Additional details as needed}
Business Continuity Strategies
Option A: Relocate Operations to Alternate Site 1—Downtown Disaster Sanctuary Facilities Under this option, all designated operations (per BIA) are relocated according to the deployment plan below. This facility provides an open production bay, organized with portable cubicle walls, desks, power, available Internet and telephone services (not activated), parking, and restroom facil- ities. This facility can support temporary data center functions, but no dedicated HVAC, power, or Internet access services are predesignated. Contact information is available in Appendix A-1.
{Additional details as needed describing the facility, services, location, and so on}
Option B: Relocate Operations to Alternate Site 2— Space-Available Offices Under this option, up to 15 offices and up to 45 personnel can be located to temporary offices provided by a contractor specializing in small-office continuity strategies. The contrac- tor, also a commercial real estate office, will provide available office space in the general area to accommodate displaced offices. This facility does not have the capability to relocate data center functions. Contact information is available in Appendix A-2.
{Additional details as needed describing the facility, services, location, and so on}
Business Continuity Strategies 531
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Option C: Relocate Operations to Internal Offices Under this option, noncritical business functions are suspended, and critical functions in affected areas relocated to:
{Additional details as needed describing the facility, services, location, and so on}
Option D: Relocate Operations to Alternate Site 3— Dixie’s Data Center Under this option, the data center requires total relocation, and a designated facility has been contracted to provide critical data center functions using leased equipment. This electronic storage and access facility leases available data space and bandwidth, providing secure VPN connections from any site with Internet access. Critical data and applications can be ported from on-site or off-site backups and operations reestablished within 12–24 hours. Contact information is available in Appendix A-3.
{Additional details as needed describing the facility, services, location, and so on}
Option E: Mobile Facilities from Trailers-R-US Come to Primary Site and Set Up in Employee Lot 1. Under this option, a mobile business continuity service relocates between one and five mobile office and data center facilities to the organization’s site and connects to available on-site ser- vices. Designed primarily for fire- and flood-damaged facilities, this option provides the orga- nization with the ability to set up operations on-site and continue operations while supervis- ing cleanup and other disaster recovery operations. Contact information is available in Appendix A-4.
{Additional details as needed describing the facility, services, location, and so on}
Option F: Terminate Primary Services and Activate Alternatives. Under this option, primary services that are failing or under direct attack are temporarily ter- minated and identified alternatives activated:
Power Primary: Southern Power Co.—Special service contract providing on-site service within 4 hours unless regional disaster affects all service. See Appendix B-1 for details.
Alternate: On-site diesel generators—48-hour operations with on-site fuel, resupply guaranteed within 24 hours from local service stations. See Appendix B-2 for details.
Internet Primary: Internet Direct—Special service contract providing on-site service and internal secondary circuits should primaries be affected by anything other than a regional disaster. See Appendix B-3 for details.
Alternate: Global Communications—Alternate contract to provide service via cellular Internet access for administrative staff and redundant fiber-optic circuits for data cen- ter. See Appendix B-4 for details.
532 Appendix A Sample Business Continuity Plan for ABC Co.
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Telephony ● Primary: SoTelCo—Special service contract providing on-site service within 12 hours
unless all circuits affected by a regional disaster. See Appendix B-5 for details. ● Alternate: HappyTalk—Cellular telephony via handsets already in use by manage-
ment team. Extra phones in off-site storage to be activated in accordance with special contract with provider. See Appendix B-6 for details.
Redeployment Plans
Plan A: Total Redeployment Under this plan, the entire organization requires relocation to an alternate site as specified above. All secondary functions are suspended and all critical functions sustained. All mem- bers of the organization will return to their home of record or designated emergency shelter until such time as they are needed for redeployment.
Trigger—Decision by vice president of operations in response to an event representing total loss of primary facilities.
Advance party—The vice president of operations, acting as CP director, and his desig- nated BC team leader, along with select appropriate individuals, will immediately relo- cate to the site, as determined above, and prepare for operations. The following indi- viduals will have the corresponding responsibilities:
● BC team leader—Update the automated notification system with instructions as to when individual employees should report and where. Manage overall operations and specify needed equipment and supplies. Coordinate in-processing of all employees, including the creation of in-processing packets, office layouts, and other needed functions.
● Services team—Immediately begin setting up operations at the primary site to con- tinue critical business services. ABC Co. is a customer service organization, so this will involve establishing telephony, Internet access, and a call center. Once the critical func- tions are ready, the services team should coordinate incoming employee assignments
● Hardware team—Initially work on two divergent tasks: reestablishment of a tem- porary call center in accordance with the plan above and retrieval of equipment from off-site storage, as needed. Next, pull emergency laptops from storage, non- critical functions, and other locations as needed, and set up individual worksta- tions. Then provide tech support for incoming employees, as needed.
● Data and software team—Once the hardware team has the temporary data center operational, the software team should restore the most current backup from on- site/off-site locations, as available. Next, it should assist in establishing individual workstations and then provide technical support for incoming employees, as needed.
● Supplies and equipment (S&E) team—Based on the recommendations of the BC team leader, first activate any contracts to have needed office equipment (networks, photocopy, fax, and printing) installed at the alternate site. Next, using available organizational motor pool assets, acquire needed office supplies from local supply stores. Once supplies have been obtained, assist incoming employees in establishing workstations.
Redeployment Plans 533
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Main body—Once notified by the automated system, the critical functions employees will relocate to the alternate site. Secondary-function employees will also relocate to the alternate site and provide support as needed for critical function personnel, to include replacing unavailable personnel, in accordance with ABC Co.’s emergency task training plan. All other personnel will be placed on paid leave unless needed to sup- plement critical functions or other operations (DR or BC teams).
Plan B: Partial Redeployment Under this plan, portions of the organization’s critical functions will be relocated or rede- ployed to an alternate site per a selected BC option.
Trigger—Decision by vice president of operations in response to an event representing partial loss of primary facilities
Team responsibilities—{Details as reduced from the Total Redeployment case that are not needed for this case}
Plan C: Internal Reorganization Under this plan, displaced portions of the organization’s critical functions will be relocated to a site within the organization. Less critical functions will be suspended and the personnel redeployed to support critical functions, reorganization, and general support.
Trigger—Decision by vice president of operations in response to an event representing partial loss of primary facilities, with internal capacity for reorganization
Team responsibilities—{Details as reduced from the Total Redeployment case that are not needed for this case}
Appendices Appendix A—Business Continuity Alternate Site Agreements
Appendix B—Service Contracts
Appendix C—Automated Emergency Notification System Instructions
Appendix D—Offsite Equipment Stores
Appendix E—Emergency Phone Numbers, Including Service Providers
Appendix F—Chain of Command for BC Operations
Document Management: Signatories:
Document developed and submitted: __(signed A. Wilson)___________ Date: __9/1/2014_______________________
Document Approved: __(signed R. Xavier)____________ Date: __9/18/2014_______________________
534 Appendix A Sample Business Continuity Plan for ABC Co.
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Document Version Control Document Name: Business Continuity Plan (BC Plan) Document Status: Draft Version Number: 3.1 Date: September 18, 2014 Author: Amanda Wilson Authorized By: Richard Xavier Distribution: All CP committee and subcommittee members (IR, DR, BC), ABC Corp managerial team, all IT employees
Change History Version Issue Date Author Reason for Change Draft 1.0 9/25/2012 A. Wilson Initial draft Draft 2.0 5/15/2013 A. Wilson Revision of first draft Draft 3.0 12/5/2013 A. Wilson Second revision Draft 3.1 9/1/2014 A. Wilson Submitted for executive approval
Document Management 535
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
AppendixB Contingency Plan Template from the Computer Security Resource Center at the National Institute of Standards and Technology
This template can be found at http://csrc.nist.gov/groups/SMA/fasp/documents/contingency_ planning/contingencyplan-template.doc
This publication may be used by non-governmental organizations on a voluntary basis and is not subject to copyright in the United States.
537
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
<FACILITY/SYSTEM> CONTINGENCY PLAN
Version <number> <Date submitted>
Submitted to:
Submitted By:
<Facility name> <Facility address> <Facility address> <Facility address>
Source: NIST
538 Appendix B Contingency Plan Template from the Computer Security Resource Center @ NIST
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Source: NIST
Appendix B Contingency Plan Template from the Computer Security Resource Center @ NIST 539
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Source: NIST
540 Appendix B Contingency Plan Template from the Computer Security Resource Center @ NIST
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Source: NIST
Appendix B Contingency Plan Template from the Computer Security Resource Center @ NIST 541
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Source: NIST
542 Appendix B Contingency Plan Template from the Computer Security Resource Center @ NIST
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Source: NIST
Appendix B Contingency Plan Template from the Computer Security Resource Center @ NIST 543
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Source: NIST
544 Appendix B Contingency Plan Template from the Computer Security Resource Center @ NIST
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Source: NIST
Appendix B Contingency Plan Template from the Computer Security Resource Center @ NIST 545
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Source: NIST
546 Appendix B Contingency Plan Template from the Computer Security Resource Center @ NIST
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Source: NIST
Appendix B Contingency Plan Template from the Computer Security Resource Center @ NIST 547
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Source: NIST
548 Appendix B Contingency Plan Template from the Computer Security Resource Center @ NIST
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Source: NIST
Appendix B Contingency Plan Template from the Computer Security Resource Center @ NIST 549
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Source: NIST
550 Appendix B Contingency Plan Template from the Computer Security Resource Center @ NIST
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Source: NIST
Appendix B Contingency Plan Template from the Computer Security Resource Center @ NIST 551
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Source: NIST
552 Appendix B Contingency Plan Template from the Computer Security Resource Center @ NIST
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Source: NIST
Appendix B Contingency Plan Template from the Computer Security Resource Center @ NIST 553
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Source: NIST
554 Appendix B Contingency Plan Template from the Computer Security Resource Center @ NIST
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Source: NIST
Appendix B Contingency Plan Template from the Computer Security Resource Center @ NIST 555
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Source: NIST
556 Appendix B Contingency Plan Template from the Computer Security Resource Center @ NIST
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Source: NIST
Appendix B Contingency Plan Template from the Computer Security Resource Center @ NIST 557
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Source: NIST
558 Appendix B Contingency Plan Template from the Computer Security Resource Center @ NIST
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Source: NIST
Appendix B Contingency Plan Template from the Computer Security Resource Center @ NIST 559
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Source: NIST
560 Appendix B Contingency Plan Template from the Computer Security Resource Center @ NIST
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Source: NIST
Appendix B Contingency Plan Template from the Computer Security Resource Center @ NIST 561
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Source: NIST
562 Appendix B Contingency Plan Template from the Computer Security Resource Center @ NIST
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Source: NIST
Appendix B Contingency Plan Template from the Computer Security Resource Center @ NIST 563
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
Source: NIST
564 Appendix B Contingency Plan Template from the Computer Security Resource Center @ NIST
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
AppendixC Sample Crisis Management Plan for Hierarchical Access, Ltd.
Purpose This crisis management plan (CM) is designed to maximize the protection for personnel in the event of a crisis. Immediately following a crisis, this plan is to be placed into effect by the senior management present. Safety of personnel’s life and limb is paramount and super- sedes any efforts to protect property. All employees are responsible for becoming familiar with this plan and for following their associated duties in the event of its activation.
Crisis Management Planning Committee HAL’s crisis management planning committee (CMPC) consists of the chief executive officer, vice president of operations, director of human resources, and the chief information security officer, whoever they may be.
The planning committee meets annually to review the CM plan and schedule appropriate training and exercises.
Crisis Types For the purposes of this plan, there are three categories of crises. The first, although serious, should not require the implementation of this plan.
The CM team leader or his or her appointed representative assesses the elements of the crisis and determines what level of crisis HAL faces based on the following criteria:
Category 1: Minor damage to physical facilities or minor injury to personnel; addressable with on-site resources or limited off-site assistance. Category 1 events are of a limited dura- tion and have little or no significant impact on personnel safety or organizational opera- tions. Examples of category 1 events include the following:
● Small building fire ● Power outage ● Minor flooding due to plumbing failure or excessive precipitation ● Individual personal accident, illness, or injury, including heart attack or stroke
565
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.
● Assault or battery incident ● Vehicle accident ● Alcohol-related incident ● Employee suicide
Category 2: Major damage to physical facilities requiring considerable off-site assistance. Cat- egory 2 events are of longer duration than category 1 events and may affect more than a few per- sonnel. Category 2 events may escalate depending on crisis conditions and require implementa- tion of the CM plan. Examples of category 2 events include the following:
● Moderate building fire ● Widespread public health issue, such as a flu or cold ● Power outage ● Excessive flooding due to excessive precipitation ● Isolated suspected terrorist attack, such as a chemical or biological agent or explosive ● Hostage or sniper incident ● Vehicle accident ● Alcohol-related incident ● Minor earthquake, hurricane, or tornado damage ● Riots or demonstrations
Category 3: Organization-wide crisis requiring evacuation of organizational facilities, if possible, and/or cessation of organizational functions pending resolution of the crisis. Cat- egory 3 crises represent the highest level of impact on the organization and may occur in conjunction with local, state, or federal emergency relief efforts. Examples of a category 3 crisis include:
● Public health epidemic or outbreak ● Terrorist attack or explosion ● Other explosion (chemical, natural gas, or other) ● Major chemical or biological agent spill or release ● Widespread fires or wildfires ● Massive flooding, mudslides, or landslides requiring regional evacuation ● Massive earthquake, hurricane, or tornado damage
Crisis Management Team Structure The CM team has the following purpose:
● To develop and maintain awareness of the crisis or emergency situation for HAL management
● To coordinate support and assistance for crisis and emergency responders
566 Appendix C Sample Crisis Management Plan for Hierarchical Access, Ltd.
Copyright 2013 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part.